<?php
	session_start();
	
	if(!isset($_SESSION["maloainguoidung"]))
	{
		header("location:login.php?err=1");	
	}
	
	if(isset($_POST["madt"]))
	{

		$madt = $_POST["madt"];
		$ten = $_POST["ten"];
		$thongtinchitiet = $_POST["thongtinchitiet"];
		$nsx = $_POST["nsx"];
		$loai = $_POST["loai"];
		$gia = $_POST["gia"];
		$xuatxu = $_POST["xuatxu"];
		if ($_FILES['hinh']['size'] > 0)
		{
			move_uploaded_file($_FILES['hinh']['tmp_name'],"../../../images/upload/".$_FILES['hinh']['name']);
		
			$sql = "UPDATE `dt` SET `tendt`='".$ten."',`thongtinchitiet`='".$thongtinchitiet."',`manhasanxuat`=$nsx,`gia`=$gia,`hinh`='images/upload/".$_FILES['hinh']['name']."',`xuatxu`='".$xuatxu."',`maloaisanpham`=$loai WHERE `madt`=$madt";				
		}
		else
		{
			$sql = "UPDATE `dt` SET `tendt`='".$ten."',`thongtinchitiet`='".$thongtinchitiet."',`manhasanxuat`=$nsx,`gia`=$gia,`xuatxu`='".$xuatxu."',`maloaisanpham`=$loai WHERE `madt`=$madt";	
		}
		
		include"../../../code/DataProvider.php";
		DataProvider::ExecuteQuery($sql);
	}
	header("location:../../index.php?act=2");
?>